Flow-Based Detection and Identification of Zero-Day IoT Cameras

The majority of consumer IoT devices lack mechanisms for administrators to monitor and control them, hindering tailored security policies. A key challenge is identifying whether a new device, especially a streaming IoT camera, has joined the network. We present zCamInspector, a system for...

CVE-2020-11624

An issue was discovered in AvertX Auto focus Night Vision HD Indoor/Outdoor IP Dome Camera HD838 and Night Vision HD Indoor/Outdoor Mini IP Bullet Camera HD438. They do not require users to change the default password for the admin account. They only show a pop-up window suggesting a change but...

The vulnerability of the development package for integrating cloud services and communication functions in IoT devices. The Kalay SDK, a microprogramming software for video surveillance cameras such as Owlet Cam v1, Owlet Cam v2, Wyze Cam v3, and Roku Indoor Camera SE, is related to the use of uninitialized variables, allowing attackers to disclose confidential information.

The vulnerability of the development package for integrating cloud services and communication functions in IoT devices is related to the use of uninitialized variables. Exploiting this vulnerability can allow a malicious actor to disclose sensitive information...

The vulnerability of the development package for integrating cloud services and communication functions in IoT devices. The Kalay SDK, a microprogramming software for video surveillance cameras like Owlet Cam v1 and Owlet Cam v2, has a flaw related to the failure to eliminate special elements used in the operating system’s command set. This allows attackers to execute arbitrary commands and increase their privileges.

The vulnerability of the development package for integrating cloud services and communication functions in IoT devices is related to the failure to remove special elements used in the operating system’s command set when executing system calls like IOCTL during the unpacking of updates. Exploiting...

ThroughTek Flaw Exposed Millions of IoT Cameras to Spying

By Deeba Ahmed According to researchers, the vulnerability affects IoT cameras worldwide and lets attackers hijack video streams. This is a post from HackRead.com Read the original post: ThroughTek Flaw Exposed Millions of IoT Cameras to Spying...

Baseon Lantronix MSS IOT/Cameras Device Servers telnet-Service NO require password authentication

Baseon Lantronix MSS IOT/Cameras Device Servers telnet-Service NO require password authentication had Exposed on the internet in ZoomEye : https://www.zoomeye.org/searchResult?q=%22prompt%20for%20assistance%22%20%2Bport:%2223%22&t=all login telnet with no password...